End-to-end encrypted chat for cyber security operators

Today we’re excited to announce the launch of Pulsar v1.0, which adds end-to-end encrypted chat functionality to the TruSTAR Station. Recently, companies like Silent Circle, Surespot, and Telegram have helped advance the security and accessibility of end-to-end encrypted communications. Within our Pulsar collaboration tool, we chose to work with Kryptnostic — a Silicon Valley based start-up with a killer team. Kryptnostic’s JavaScript client allows users to build applications which store data securely. The client encrypts all the data in the browser so that it is secured in flight and at rest.

This is a significant step for TruSTAR, because now we combine verifiably anonymous sharing with end-to-end encrypted chat. This new feature allows users to collaborate in real-time and discuss sensitive attack information or mitigation actions with security operators across the network while ensuring the content of those chats is only ever seen by authorized group members. Even TruSTAR will not know the contents of chat discussion. Unless of course, the users invite the TruSTAR responder team to participate.

Decoupling data and UI

So why is TruSTAR Engineering excited? We love a good API because it effectively separates two different concerns: data and UI. From an engineering standpoint this means we can move forward quickly with UI improvements while maintaining the same core data functionality that drives value for users.

On top of that, our friends at Kryptnostic have been very responsive and very helpful as we move towards more streamlined integration with their platform. These factors have made us very excited to continue building out advanced collaboration features.

We’re just getting started

It’s important to emphasize that this is just the beginning for the anonymous collaboration aspect of our platform. Ramping up development on some new and exciting features will be a key focus for our engineering team over the next couple months. Here are some features we’re pushing towards:

Custom UI + Deeper Platform Integration

One of the current limitations of Pulsar is its integration with the rest of the Station platform. In the coming months we’d like to take advantage of the Kryptnostic API to build a Station-centric UI that works seamlessly with all other features of the platform, especially correlation and report submission.

The updated Pulsar is ready to roll and is already live on the TruSTAR Station. For more information on how to set up your Pulsar account on the TruSTAR platform, please click here.

“Knock-to-Join”

This is one of the features we’re most excited about. It’s currently possible to quickly start a new conversation about any data that is shared to the Station. But what about conversations that are already going on? Other private chats that you would join if you knew they existed? That’s where “Knock-to-Join” comes in. Clicking a “Knock-to-Join” button will notify the conversation’s creator and give them the option to let you in. This feature is currently in early development stages, but ultimately we hope it will help create “circles-of-interest” that dynamically brings together security operators who may be experiencing similar cyber attack pain.